ALSA-2026:18480 Important: linux-sgx security update

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...

Intel Connectivity Performance Suite 代码问题漏洞

Intel Connectivity Performance Suite is a software developed by Intel Corporation in the United States. It can automatically optimize a computer’s network connections, enhancing Wi-Fi performance and application response times. Versions of Intel Connectivity Performance Suite prior to...

Astra Linux – Vulnerability in Intel Microcode

Improper access control in the EDECCSSA user leaf function for certain IntelR Processors with IntelR SGX may allow an authenticated user to potentially enable denial of service through local access...

Astra Linux – Vulnerability in Intel Microcode

An improperly implemented security check for standard in the DDRIO configuration for some IntelR XeonR 6 processors, when using IntelR SGX or IntelR TDX, may allow a privileged user to potentially enable privilege escalation through local access...

[SECURITY] Fedora 43 Update: linux-sgx-2.26-34.fc43

The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++...

MiracleLinux 8 : microcode_ctl-20200609-2.20201027.1.el8 (AXSA:2021-1384:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1384:02 advisory. hw: Information disclosure issue in Intel SGX via RAPL interface CVE-2020-8695 hw: Vector Register Leakage-Active CVE-2020-8696 hw: Fast forward sto...

CVE-2023-43745

Improper input validation in some IntelR CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2021-0194

Improper access control in the IntelR In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access...

CVE-2021-0178

Improper input validation in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

CVE-2021-0193

Improper authentication in the IntelR In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access...

CVE-2019-11147

Insufficient access control in hardware abstraction driver for MEInfo software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for IntelR TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before;...

CVE-2023-43489

Improper access control for some IntelR CIP software before version 2.4.10717 may allow an authenticated user to potentially enable denial of service via local access...

CVE-2023-29161

Uncontrolled search path in some IntelR OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-26086

Uncontrolled search path element in the PresentMon software maintained by IntelR before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-26341

Insufficiently protected credentials in software in IntelR AMT SDK before version 16.0.4.1, IntelR EMA before version 1.7.1 and IntelR MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access...

SUSE CVE-2025-40132

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...

CVE-2025-24299

Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...

CVE-2025-24314

Improper access control for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may...

CVE-2025-24307

Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data manipulation. This...

CVE-2025-24847

Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...